🇫🇷
dynamix
2026-06-11 05:42:53
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-11 03:37:26
(1 week ago)
[redacted] 150.107.106.56 - - [11/Jun/2026:05:35:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/13.0; WordPress/6.3; http://site61940961.com"
[redacted] 150.107.106.56 - - [11/Jun/2026:05:36:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.0; WordPress/6.3; http://site72528364.com"
[redacted] 150.107.106.56 - - [11/Jun/2026:05:37:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 150.107.106.56 - - [11/Jun/2026:05:37:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
[redacted] 150.107.106.56 - - [11/Jun/2026:05:37:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
...
Hacking
Web App Attack
🇺🇸
TPI-Abuse
2026-06-08 09:23:38
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 150.107.106.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:23:25.825840 2026] [security2:error] [pid 22458:tid 22458] [client 150.107.106.56:61705] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.107.106.56 (+1 hits since last alert)|fuentevictoria.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fuentevictoria.com"] [uri "/xmlrpc.php"] [unique_id "aiaKDbNUudnAW0um1dfFNgAAABQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
SMARTNET
2026-05-27 06:03:53
(3 weeks ago)
Aisuru(Mirai variant) DDoS | Incident ID: eb7eac85-2c32-49f6-94ff-e8c25ad16083
DDoS Attack
Anonymous
2026-05-03 13:45:52
(1 month ago)
Unauthorized connection attempt on Port 23
Port Scan
Hacking
Exploited Host
🇺🇸
stechusa
2026-04-01 03:48:31
(2 months ago)
45 IPs targeting /brand/satco-products-inc/satco-light-bulbs.html | Facet request during elevated threat (facet_ratio=0.96, unique_ips=512) | Recv-Q=1489 bytes on ESTABLISHED connection (threshold=1000)
Bad Web Bot
DDoS Attack
🇳🇱
maxxsense
2026-03-14 18:04:00
(3 months ago)
150.107.106.56 (NP/Nepal/-), 12 distributed imapd attacks on account [redacted]
Brute-Force
🇬🇧
masterguru
2026-03-10 07:45:44
(3 months ago)
Blocked scraper: Distributed DDoS IP.. String match "rating_filter=" at QUERY_STRING. (200100-185)
Hacking
π¨π
backslash
2026-03-09 08:06:06
(3 months ago)
block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68
Bad Web Bot
🇺🇸
matt
2026-03-03 23:22:30
(3 months ago)
DDOS attack with query parameters attempting to overload WordPress site.
DDoS Attack
🇺🇸
TPI-Abuse
2026-02-24 05:52:09
(3 months ago)
(mod_security) mod_security (id:211790) triggered by 150.107.106.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:51:55.124482 2026] [security2:error] [pid 12026:tid 12026] [client 150.107.106.56:46347] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:create (?:procedure|function) ?\\\\w+ ?\\\\( ?\\\\) ?-|; ?(?:declare|open) [\\\\w-]+|procedure analyse ?\\\\(|declare[^\\\\w]+[@#] ?\\\\w+|exec ?\\\\( ?\\\\@))" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "58"] [id "211790"] [rev "3"] [msg "COMODO WAF: Detects MySQL and PostgreSQL stored procedure/function injections||stansco.com|F|2"] [data "Matched Data: procedure found within MATCHED_VAR: 1,,GTID_SUBSET(('~',((ELT(8001=8001,1))),'~'),8001) PROCEDURE ANALYSE(3538,1)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "stansco.com"] [uri "/cgi-bin/nc_ppp.cgi"] [unique_id "aZ08e_VbDGC-ecatx16MLgAAABA"]
Brute-Force
Bad Web Bot
Web App Attack
🇦🇺
MAGIC
2026-02-19 02:03:46
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
🇺🇸
gui-ying233
2026-02-03 01:48:12
(4 months ago)
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
Bad Web Bot
π¨π
backslash
2026-01-28 01:01:00
(4 months ago)
block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803
Bad Web Bot
🇧🇷
SOC Blue Team
2026-01-16 19:26:28
(5 months ago)
IPs obtained by hunting on SIEM
Phishing
Web Spam
Port Scan
Hacking